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(57) Abstract 

A system for identifying an individual is determined either by assigning that person a unique identification number based on a 
distinctive characteristic possessed by that person (e.g. voice analysis, finger print, facial scan. DNA etc.). or by means of verifying some 
unique digital "signature" representation assigned to that person. The unique ID number or digital signature may then be used in a variety of 
functions to enhance both the security and convenience of conducting electronic transactions. The system may provide a means for creating 
unique PIN numbers for use as a preliminary or secondary identification means, and/or a means for generating unique tone codes for use 
in personal identification via telephone or modem. Further, security of online transactions may be greatly improved by placing access key 
information in a medium outside the computer host or client. The system further provides a means that facilitates a user's ability to change 
codes or methods of generating codes instantly, without having to contact their bank, credit card compagny. etc. 
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PORTABLE SYSTEM FOR PERSONAL IDENTIFICATION 



TECHNICAL FIELD OF INVENTION 

The present in\ eniion relates to novel, improved mclhods and systems for electronic personal 
identification. Specifically, this invention relates to methods and systems for providing an accurate means of 
identifying a particular known or unknown person thai may be easilv transponed from location to location. 

5 

BACKGROUND 

As the computer age has progressed in recent years, there has been a \-asi increase in the use of private 
electronic transactions. Banks, credit card companies and other i'lnancial institutions offer a wide \'ariet\- of 
options and services that mny now be conducted online. The e\ er expanding Internet has brought computerized 

1 0 home shopping to the forelroni of cyber-iechnology. Consumers may now conduct a majoritv of iheir iinancial 

business in numerous ways that either did not exist, or were not available for use b\" the general public as little as 
five years ago. Some examples of such transactions include computerized home banking, the use of automatic 
teller machines, computerized stock transactions, credit or debit based product dispensers, secanlv entrances, 
telephone access and transactions, long distance calling cards, identification cards ( including any such card used 

1 -*> lor scrv'ices like health care, insurance, automobile service accounts, etc.), and e\ en secure transactions over the 

hue met. 

The essence of any secret transaction, whether financial or not, is the abiiir/ to keep it private and 
secure I'rom potential ihefi. Although computerization of tran.sactions and improvements m technolog\' have 
increased the ease with which consumers may conduct these private transactions, the nature of the technology is 

20 such that the inibrmaiion, when transmitted eiecu-onically, can be intercepted and u.sed for criminal purposes. 

Consequently, as the usage of these kinds of electronic transactions has increased, a need for impro\'cd svstcms 
and methods to ensure their securit>' has increased as well. Completion of most electronic tlnancial transactions 
requires the use of a password or personal identification number (PIN) that identifies a person as one authonzed 
to conduct a specific transaction. For example, most automatic teller machine (ATM) cards have a magnetic 

25 su-ip that, when read by the ATM computer, identifies the bank and the account to be accessed, 'fhc machine 

then asks for enir\- of the PIN which has been assigned to that account. If the correct IMN code is entered, the 
user may access the bank account to conduct a \-ariety of transactions, including, withdrawals, deposits or 
requesting account statements. 

There are several drawbacks to this approach, first, the PIN must be chosen w hen the account is 

30 opened, and may only be changed by bank personnel upon request by the user. Theretore, a person v\'ho hasn't 

realized that her AT.Vi card was stolen may go days v\ ilhout requesting a new PIN number to be assigned to her 
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account. Dur:ng that umc. the th.ef who stole her card may have d.scovcred the PIN number, and made 
urtauthon^ed w.thdrawals from her account. Second, the ••choosc-your-own" PIN code svstem ts not suffic.enth 
untque to prov.dc adequately rehable .dent.ficat.on. A person not the owner ofan account who obta.ns 
knowledge of a PIN code mav eas.lv cla.m unauthonzed access to that account because, all she need do .s 
d>scover the four d.gu PIN code number associated wuh that account, ^.■h^e there are thousands of oossible " 
pennutafons or combtnat.ons of d.g.ts that could make up any one PIN code, the actual code ,s not spec.ficallv 
un,que to that person. For example, two or more bank accounts at the same bank could theore.:callv ha^■e the ' 
same PIN code. As long as the correct PIN code ,s entered for the account sought to be accessed the svstem 
does not care ,f the entered PIN code could also access other accounts as well, because .t onlv focuses on the 
specfc account number rece.ved from the AT.M card's mag^eUc stnp. The major fault w.th th.s sv.stetn .s that u 

cotrect ,dcnt:ncauon number. In other words, the cun-cnt svstem merely assumes that ,f the md.v.dual who 
attempts to use the card knows the co.ect PIN number, then that person :s authonzed to access the account 
i ncrerore. the PIN code system does not offer the tle.x.b.Hty, securuy. and uniqueness that other fonns of ' 
- .dent,ncat,on mav offer, .pec.f.cally. the PIN code .svstem cannot d.st.nguish between users actuallv authonzed 

to access tne account, and unauthorized users that ha^•e discovered the correct PIN code 

In typical applications which require the use of a pass key to facilitate access,, users are .sued a kev 
contains a spec.tic, predetermined access code stored on a magnetic s.r.p or oth.er such storage device and 
u.n.ch de-activates a locking mechanism, a.a™ .system, or other such device and allows the kev bolder to access 
u .atever secure ob.ect.ve w.s being protected. Again, this method of restnct.ng. access provides flawed 

s..ur,,.because,tfa.lstoprov.deameansforpos.uvelv,denti,ing the user as an author..^ 
prcceaent to granting access to the secure objective. 

Others have attempted to solve the secunt^■ problem bv creating means tor identification based on a 
iometric character trait unique to specitlc users Such character traits mav include voice identification 

nirrt'^' T """'-^^ ""^^'"^ ^ 

at.a,..e. ^c.e types ot character traits, systems have been developed which can more accuratelv identit^^ specific 
persons. For e.xamp.e, the invention d..sclosed in Parra, teaches a method and apparatus for .dentifVme a 
panicutar individual based on the uniqueness of the acoustic characteristics of h..her voice, Accord.n. to 
Patra. the voice characteristics of the user are stored on a magnetic strip on the back of a card. When the card .s 
.nserted into the interface, the user is prompted to speak a word. The spoken w ord is then di.t..ed and Us " 

match those ol the spoken word, the user ma>- be granted access. 

There are several drawbacks to this approach. First, while the Pa.a ind ention attempts to address the 
.^unt>.- issue regarding umqueness of identification characteristics, .t does not address Hexibilit.^ of use The 
a™,,ietheP 
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through bank personnel. Further, the Parra invention docs not address t\ ing the voice-identification to the 
generation of voice patiem-based numeric, alphanumeric or telephone tone codes for use m applications like 
telephone long distance credit cards, or Iniemei passwords, which would allow more widespread use of the 
identification technoiog>-. Finally, the Parra invention is specifically limited to a voice identification technolog\ 
system, rather than relating to a non-platform specific svsiem. 

Online systems, such as those disclosed in the June. 1997 issue oi' Byte magazine (volume 22. number 
6, pp. 70-80) rely on digital signatures, digital certificates and ser\-er-based verification of smart card electronic 
signatures in creating a high level ofsccurit}- for financial transactions and other secured access applications, 
fhese systems involve high-end algorithmic encoding of identification numbers which mav then be sent to and 
from clients and .ser\-ers during the authorization process These systems, while providing high levels of .securiiv 
are not fool proof 

i'or "hash" signatures, both the client and ser\-er must have the access key to complete the encoding and 
decoding oi the hashed data. This means that a secunr\- breach at either end (client or ser\'cr) mav result in a 
hacker's ability to obtain a forgen.' of ihe access key, and thereby, access to the ciieni's restricted data or 
accounts. 

Pubhc-key algorithms, provide better security in that the ser\-er does not need to ha\'e a copv of the 
access key to verify a digital signature. The pri\ ate key algorithms used lo encode the data are known onlv to the 
client encn-ptor. However, the system of encoding and decoding is set up such that the scr\-er side can use a 
different decoder algorithm to verii\' the encoded signature. Therefore, the access kcv remains significantly 
20 more secure than a hash based signature, because it is only known to the client side, while the ser\-er can still 

authenticate it. Public-key algorithms, however, do not assure that the person using the key is the actual owner, 
rather than a forger\-. The key is actually just a number: it bears no resemblance to the panicular user, and 
carries no personal or unique data about the user. Further, the public key svsiem requires a great deal of support 
and inlrastructurc, particularly in maintaining databases of all active and revoked certificates or keys. 

25 

SUMMARY OF THE INVENTION 

It is an object of the present invention to provide an accurate electronic personal identification system 
which offers improved security and ponabi]it>-. It is a funher object of the invention to provide an electronic 
personal identification system based on biometric ID analysis which pro\-ides improved security and portabilit>-. 

jO it 13 a still further object of the invention to provide an electronic transaction system which contains improved 

personal identification securit>\ and which oOers additional features to improve the ease and flexibilitv of use. 

A preferred embodiment of the in\ ention is a card or other small portable device that contains a device 
which positively identifies the cardholder as an authorized or unauthorized user, and tiiereby provides or 
prevents access to a specific secure objective (e.g. an ATM machine, security gate or door, computer scanning 

35 device, and other such accounts, areas or the like which require restricted acces.s). The invention obtains the 

potential user's unique personal identification profile, preferably a digital representation of some uniquelv 
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.denffymg trait of the user, such as, but not l.m.ted to an>- b.ometi-.c analvs.s svsien, (cc. fingerpnnt DNA 
palm pnnt, ret.na scan, etc.), or other .denttf.cat.on system wh.ch produces a dtgual prof.le that ,s sufficentlv 
umque as to provide a reasonable degree of ce^a■nr^• as to >dentificat:on. In a preferred embodiment of the 
.n^.ent,on, the dev.ce, c.rcu.ir,- or apparatus by uh.ch the system obtams the users ID profile .s contained on 
board the invention. However, the disclosed invention mav receive and utihxe an ID prof.le calculated bv an ' " 
outside system as weii. 

The Identification profile created (or received) by the nnention mavbe a numeric, alphanumeric or 
otner digital representation of the users unique biometnc or digital signature profile The spontaneouslv created 
.dentilication profile is then compared to any predetermined authorized profiles as.socia.ed with the irvcntion to 
dctcnmno ,f the user is authorised as one of the users assigned to that account. The invention anticiuates that 
more than one ■accounf may be assigned to am- particular embodiment of the ln^.•entlon (e.g. an ID card bank 
account card, etc.). so that families, businesses, or other groups may share tdent.ficat.on devices ,„ other 
woras. members of a panicular household mav u.se each others identification cards in order to promote 
ilcxibiiit\' oi use. 

Once authonzation has been estabiished. the digital representation of the identification value mav be 
con^■erted into one or more access codes which mav be used to provide access to a pan.cular one of anv number 
01 secure accounts or databases, restricted areas, or other secure obiectives. This feature allows for the e.sistence 
01 individually secure accounts" on multiple-user cards. Since several individual and .roup •accounts" mav be 
stored on a single card or other small portable identification device, the creation of ID nrofile-based personal 
.aentification numbers rPINs; provides a means bv which cards utilized for group accounts mav also be utilized 
tor individual accounts without risk of security breach. 

For e.xample, considenng an embodiment of the invention as an ID card contam.n. two different 
accounts, a group account mav provide access to a residence or other shared secure ob,ective. while on the same 
card, an individual account may provide individual access to a bank account, .^n. member of the .oup mav 
use the ID card to access the residence. The card will be able to rcnf. all of the group members' ID profiles as' 
authorized to u.se the card to access the residence. Howe^■er. if the bank account can onlv be accessed bv a 
specific PIN code, which is based on the authorized u.ser s ID profile, then anv PIN code calculated usm. anv 
other group members' ID code wUl not produce the PIN required to access the account, and other group^ ' 
members will be denied access to the bank account. 

One preferred embodiment of the invention is a bank account or credit account ■smart card" utilizing 
.J.ce Identification technology^ (similar to that disclosed ,n Pa.a), however, it mav be noted that other biome:nc 
identification analvses may be used (such as fingeipnnt scan, ins scan. DNA. etc.). In the vo.ce identification 
based svstem. the sman card converts the user s spoken words into a numerical value ba.sed on the u.ser's unique 
aigital acoustic characteristics. At the time a bank (or other financial institution) account is opened, the account 
holder speaks a predetermined phrase and/or several predetennined "code words" that are analvzed and 
converted m.o a base digital voice signature value The account holder's account inlbi^ation .which mav 
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include the original voice profile) may then be stored on ihe card. The predetermined voice profile represents 
the unique ID profile associated with that account holder, and may be stored on the institution's main computer 
database, on the sman card, or both. 

When the account holder wishes to access his account, he activates the on-board voice identification 
5 device, which analyzes his voice patterns to determine if he is authorized to use the card. Next, the user inserts 

the card into an ATM (or other device employed for accessing an account). The invention converts the user's 
.spontaneous word or phrase into a voice print value. The voice print value is then compared with the 
predetermined ID profile stored on the ATM card, the online computer database, or both, for match or 
discrepancy range. If the user's voice pattern matches, or is within the acceptable discrepancy ran-e assigned to 
1 0 ihe account, then the sman card may auuhorize ihc user to access the account. Otherwise, access to the account 

may be denied. The system may require ihe user to speak one of any specific code words pre\-iouslv recorded bv 
ihc user, or max* simply anaiyze any random words or phrases spoken by the account holder, depending on what 
kind of voice idenlificaiion technology is employed by the financial institution, or stored on the card or other 
portable device. 

1 ^ Other uses for the disclosed invention may include such uses in conjunction with a healthcare .serv-ices 

card, driver's license, or passport. As a healthcare ser\'ices card the present invention may provide a quick and 
efficient means for positive idenlificaiion and access to medical hision--. In emergencv situations such 
information must be quickly obtained in order to provide safe and adequate diagnosis and treatment. Because 
many emergency patients arrive at the emergency room unconscious, the disclosed invention is particuiarlv 

20 suited to allow ER physicians and nurses rapid access to important medical inibrmation that Lhev would not 

otherwise be able obtain from the patient herself 

As used in conjunction a drivers license or pas,sport, the disclosed invention has particularly important 
applications, not only for positively identifying a person, but also for allowing a police officer or other official 
access to information about a cardholder's criminal record, driving record, or other such information that mav be 

2:> useful for law enibrcement or regulation of international travel. 

The disclosed invention differs from the pnor an in two imponant ways. First, the biometric 
identification device is preferably on board the card, rather than contained in the A I'M machine. This allows the 
user to verifv his identit>'' before physically interacting with the account interface ( e.g. ATM machine). Further, 
it facilitates the use of other features of the invention, such as remote control operation, as well as eliminating the 

30 need for expensive, onsite identification devices or systems, 'fhe card automatically identifies the user, veriiies 

his status as authorized or unauthorized, and grants or denies access accordinglv. 

Second, the invention includes a feature which allows the creation of unique, .secure PIN codes for use 
as preliminar}' or sccondan' verification of identification, and which allows multiple group and individual 
accounts to exist on a smglc card. For example, the card or system may include a device for creating a 

3 ^ distinctive, and user-specific alphanumeric code based on the potential user s unique identification profile value. 

W'lien the potential user activates the verification process, the spontaneously created identification value 
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calculated from his profile ,s transformed by the invention into a specific code ^vhich can be used by the device 
protecting the secure objective as a secondan' or supplemental means for positive identification. 

A specifically useful application of this feature for financial transactions is ihc creation of secure PIN 
codes for ATM cards. This feature adds flexibility to such cards in that in the event of a malfunction of or mis- 
recogmtion b^• the pnmary identification method, the uniquely generated PIN code may still authorize access. ~ 
This secondary ID method is equally secure, since n is generated according to the originally stored ^o.ce print or 
other ID characteristic. Also, as explained above, this feature allows for the existence and efficient management 
of multiple accounts on a single card. 

Another difference from the prior an, is that the system of the present .n^•ention. as disclosed herein, 
mav include a means for generating unique access codes for use m .dentils ing a u.ser v,a telephone or computer 
modem. Like the secondan- PIN codes, the transmuted tone codes are generated according to the unique ID 
number assigned to the user's voice pnni. or other d.stmcine .dentificafon charactenst.c. Therefore, since the 
tone codes are unique to the user, they are more secure, and unusable b^■ anvone other than tlie authorized user, 
i- unher. the ab.luv to generate these tone codes pro^■.des a more tlex.bic u.se of the d-sclosed mx ent.on. bccau.se 
compatible on-site equipment at an account location is not required. The card automatically generates the 
correct telephone tones corresponding to Uie accounts acce.ss code, and thus providing access as if the code had 
been entered manuallv This tone code is more secure, however, becau.se it is only generated once identification 
has been established. 

The disclosed invention may be integrated into existing ponable electronic devices, like cellular 
phones, laptop computers, portable digital assistants (PDAs), calculators, electronic address books, etc., to 
increase the flexibiim- and portabilm- for the user. For example, integration of the invention into a telephone 
(paraculariv a cellular telephone) may be significantly useflil As described above, the invention may create 
specific tone codes for identification purposes, and may have a voice identification ba.scd ID svstem. Bv 
integrating the invention mto a cellular (or other) telephone, the device can take advantage of components 
already present m the "hosf device. In the telephone example, the device mav u.se the phone's built in 
microphone and/or speaker system as the voice ID input. Additionally, any tone codes the device mav create and 
transmit may be so created and transmitted by the phones bu.lt in tone generator. 

A prefeired embodiment of the invention also includes the ability to update mfonnation (such as the 
algorithm used to create the specific identification number-based numeric, alphanumeric, or tone code 
associated with a particular account) each time the account is accessed An account uul.zme this feature is not 
issued a specific PIN code, but instead uses dynamic codes. Once the account has been accessed, the card stores 
a new algorithm to use the next time the account will be accessed. Upon subsequent u.se. the new aleonthm 
conx erts the user's unique identification value mto a completely new PIN code which the account database has 
alreadv associated with the account at the prior transaction. This feature provides better seountv because anv 
person not authorized to access the account, who may happen to obtain the PIN code on one occasion, will not 
be able to access the account, because the PIN code changes each time the account is acce.s.scd. 
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Alteralively, ihe account may be assigned a plurahn- of PIN codes, any of which may authorize access 
The smart card may store the algorithins which produce these PIN codes from an authorised user's unique 
identification value. Each time the account is accessed, the access code generator uses a different, randomly 
chosen stored algorithm, to produce one of the acceptable account access codes. In this manner, the account 
may be iiinher protected because a chance interception of one access code will not automatically grant 
authorization, since the same access code is never allowed twice in a row. 

The invention as disclosed herein may also be easily integrated into exisimg renewal s\ siems. The 
identification system may include the ahiiii\- to store and/or calculate renewal dates, or the number of times a 
particular secure objective has been accessed in order to determine when the account must be renewed. For 
example, when an account card, pass key. etc. is issued, it may grant only limited access in that it remains acii\'e 
only for a specific period of time or for a particular number of accesses, until reactivated or reprogrammed. 
Each time the card or ke>' is used, it may determine whether the access period has lapsed by determining whether 
the renewal date has passed, or whether the mu.ximum number of accesses has been exceeded. The card or other 
device niav be renewed via bio-meiric identificaiion. or may be reprogrammed. either directly or on line. In this 
manner, the system provides tor increased secunt\' in that a card or other device will automatically cease to 
provide access upon expiration, so that anyone who manages to obtain unauthorized access using that card will 
be unable to renew it and continue gaining unauthorized access. 

The above and other objects, advantages and features ot'ihc in\'ention w ill become more apparent 
when considered m conjunction with the followmg specification and accompanying drawings. 



BRIEF DESCRIPTION OF THE DRAWLNGS 

FiGUI^ 1 shows a block diagram of a preferred embodiment of the disclosed invention. 

FIGUl^ii 2 shows a block diagram of the embodiment of the invention from FIGURE I with a 
combination of advanced features. 
-5 FIGUI^l 3 shows the outside of the enclosure of the invention as embodied in an ATM card, a credit 

card, or a check card issued by a imancial institution. 

DETAILED DESCRIPTION OF THE LNVENTION 

Referring now to the drawings, and in particular, with reference to FIGURE 1 , there is shown a block 
30 diagram of a basic embodiment of the disclosed invention. 

Enclosure 1 houses all of the components of ihe invention, and is of sufficient dimensions to be easilv 
portable. The preferred embodiment includes an enclosure 1 that may be approximately the size of a credit card, 
debit card bank card or electronic smart card, or other small hand held portable device. I loused within 
enclosure 1 is the verin'ing means 2 which determines whether the person using the card is an authorized user of 
J? the card. In the prelerred embodim.ent of the invention, input 12 receives analog identification imbrmation 

which IS converted bv verifying means 2 into a digital representation of the potential u.ser's identification profile 
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In the preferred embodiment of the >n^■ent■on. the venfy.ng means 2 on board the device captt^res and anaK-.es 
the users .dentificat.on profile. For example, mput 12 may constst of a mtcrophone for rece.vng the potent.al 
user's analog voice representat.on. Once rece.ved b)- mput 12. analyxmg means 2 converts the analoc s.enal to a 
d,g.tal vo.ce pattern .dentificat.on profile. X^Ti.ch may then be compared to the user s actual vo.ce profile for 
match or d.screpancv range. The mput 12 and anah^mg means 2 are not l.mued to vo.ce .dentificat.on ' " 
tech^olog^•. but may .nclade any identification method (mcluding .ns scan, fingerpr.nt scan. DNA, or anv other 
charactenst.c unique to individuals) uhich mav be completely hou.sed with.n the enclosure 1 . 

The .nvent.on. however, is not limited to including the ability to read and create an init.al 
representation of the potential user's identification profile via the analvz.ne means 2. Input 12 mav be mereiv a 
signal input which receives a pre-d.giti.ed identification profile, created bv some outside analvsis, for 
\'erirication by anaivzing means 2. 

.Although the preferred embodiment of the .n^■entlon anticipates the use of some unique biometnc 
characteristic of the potential u.ser (e.g. voice pnnt. fingerprint, DNA. palm prmt or other .such unique biometnc 
cnaractenstic). the invention is not limited to b.ometric identification .-Xny personal profile, .sutficentlv unique 
to prov ide a rea.sonable probability of correct identification, and which ,s capable of beintt d...taliv represented 
and sent % ia electronic signal, mav be utilized in the present invention. 

After determining the potential user's ID profile. ventS ing means 2 outputs the calculated value on 
signal line 4. Next, vcritS-ing means 2 obtains anv authorised profiles as.soc,ated u uh the account from the built 
m storage medium 6, ar.d then compares the stored profile to the potential user's snomaneouslv created profile 
If inc spontaneous profile calculated by verimng means 2 matches, or ,s wnh.n an acceptable discrepancy value 
range ot anv of the authorized profile stored in the built in storage medium 6, then the vcnfv.na means ^ " 
generates a "Positive ID" signal on signal l.ne 3 If the spontaneous profile detenmned bv ^•enn ,ne means 2 
docs not match, or is no, within an acceptable di.screpancv value range of anv of the authonzed profile stored m 
tne ouilt ,n storage medium 6, then v erifying means 2 generates a "Negative ID " signal on sianal line 3 Signal 
hne 3 IS output at output port 10. and infonns the secure objective's database whether tiie potential user .s 
authorised to use the card. Output port 10 tran.sm.ts the "Positive ID" signal or "Ne.at.ve ID" signal to the 
program, c.rcu.tr.- or other device associated u uh the secure objective that ultimatelv grants or denies access to 
the secure objective. For example, m ATM U-ansact,„ns, the existence of a "Positive ID" s.gna. output from 
output port 10 would be read bv the ATM s input signals, and would cause the ATM to grant the user access to 
her account. In other applications, the "Positive ID" or "Negative ID" signal mav be used to erant or denv access 
to computer accounts, door entnes, toggle alarm actn ator/de-activators, or other such secure ob.ectivcs ' 

Signal line 4 transmits the idenl.fication profile spontaneouslv determined bv verifv.nn means 2 to code 
generator Code generator 5 transforms the user s unique identification profile into a .specific code which mav 
.e assigned to a user s .specific secure o'ojectn e (e.g. bank account, restricted room, database etc ) as a 
prelim.nar, , secondary or primarv access code. Upon activation, code generator 5 uses an al.on.hm obtained 
from memon- ch.p 7 to convert u.ser's unique -identification profile into an access code associated with the 
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secure objeciive. For example, in A TM applications, ihe code generator would conv ert the user's unique 
identification profile into a four digit numeric personal identification number (PIN) code, which could then 
provide access to the account. Memory' chip 7 may be any t\-pe of memory- chip known in the art. and capable of 
storing multiple algorithms, including any programmable read only memor>- (PROM) or erasable programmable 
5 read only memory' (EPROM). or other memorv- unit known in the an. iMemory chip 7 may also be 

interchangeable or replaceable so that chips containing pre-stored algorithm may be u.sed and replaced at the 
user's discretion. Alieratively, memory chip 7, if programmable and/or erasable, may be updated, 
reprogrammcd or erased via inpui/outpul (I/O) port 9. It should be noted that while I-"IC}UR1: 1 depicts the 
usage of" a separate programmable mem.or\' chip 7 to supply the code generator 5 with a code generating 
1 0 algorithm, such programmable mcmon* chip 7 is not neccssarv* for the invention, in another embodiment of the 

in\-cniion. the code generating algorithms may bo stored on the built m storage unit 6. and accessed by ihe code 
generator 5 from there. 

Once the user's unique identification profile has been transformed into an appropriate access code by 
code generator 5. the access code is output to output port 1 1 where it mav be received bv a secure objective to 
1 5 determine whether access is granted. The access code output at output port 1 1 may be used as a secondan*, or 

altemati\'e method of determining identification and authorization. 

Por example, a system for protecting secure areas of a building from unauthorized access may emplo\* 
an embodiment of the disclosed invention employing fingerprint scan as the verifying means 2. .•'Xs a back up or 
secondarv' means of identification, the s> stem may require entr>' of a secure numeric access code. If, during use 

20 by an unauthorized user, the verifying means 2 improperly sends a "positive ID" signaL then the code generated 

by code generator 5. which is based on the user's actual digital fingerprint profile, and output at output port 1 1, 
would not match the code assigned to the authorized user s account. Consequenilv. based on the secondare- 
identification process, the system would then deny the unauthorized user access to the restricted area. If the 
system relied solely on the "positive ID" or negative ID" signal, then access would be improperlv granted. 

-5 In addition to storing the usens' identification profileCs), built in storage unit 6 may store information 

relating to the users' "accounts." Such inlbrmation may include financial information including balances, 
withdrawals, deposits, aansfcrs, credit purchases, and other such information, renewal dates, access statistics, 
and other inlbrmation. In addition, as indicated above, built in storage unit 6 may also store code generating 
algoritpjns used by code generator 5 to generate user identification-based access codes for use as alternative or 

30 secondarv \-erificaiion. The built in storage unit 6 may be any storage medium known in the art to which data is 

capable of being written and re-writien. Further, storage unit 6 may be remo\'abie and interchangeable to 
provide increased capacir>' at the user's option. Input/output port 8 provides easy updating and downloading to 
or from built in storage unit 6 by any computer. ATM machine, facsimile machine, satellite transmitter, or other 
devices or nroces.sors capable of being used to transmit elecu-onic data. 

3 :> Remote control unit 13 allows the identification device to be used in a vanety of ways from a remote 

locution (ior example, as a key pass, or a user specific car alann remote control kev. or even hiehlv interactive 
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fiincons such as remote control use at an ATM machine). Input 14 ,s a button/or scr.e. of buttons that send 
account specific tnfonnat.on via tnfrared. m.crowave. or other such s.gnal, and uh.ch mav be received and 
processed by the secure object.ve (e.g. ATM mach.ne, door .ock, auto alar^, etc. ). Add.ttonallv. remote control 
un.t 13 mav remotely send mfonnat.on on signal Hne 3, which includes the ••posune ID" or "Ne.at.ve ID" .^a' 
and/or the umque access number (c.g identificat.on number. PIN code, etc.) created from the users un.que " 
idenlification profile. 

In a typical application, the remote control unit 13 may act as a pas.s ke^■ to a restricted area For 
example, access to a pan.cular room in a bu.ldmg may be restricted to particular persons. The remote control 
una 13 mav be utilized to .send the "Fo.sit>ve ID" or "Negative ID" signal (for example, via infrared si^al or 
other remote control signal known m the art) as the potential u.ser approaches the secured area When the 
clectron,c lock receives a "Posn.ve ID" s.gnal, it mav relea.se the locking mechanism, allowing the verified user 
.mmedtately access the restricted area, without having to insert a key. card or other access dev.ce 

MGURE 2 shows a prefeired embodiment of the invention m a t^.p,cal application as an ident.ficat.on 
car tor u.se w.th ATM accounts, credit card accounts, debit accounts, or as a driver's ..cense, oass.on or other 
i ^ such torm ol idenufication. 

Enclosure 20 houses the components, and may be approx.matelv the same si.e and dimensions as a 
tvpicai credu card or other bank card; or dependmg on the area needed for all of the component parts of " 
sutt,c.ent s.e and dimension to accommodate the components, provided that the card is st.ll eas.lv portable 
lns,de enclosure 20. venlvmg means 2 1 operates exact.v as venMng means 2 trom FIGURED 1 The veril^.in. 
means 2 1 receives the .spontaneous identification input (e g voice sample, fingen^nnt samole. dicta, signatur^ 
etc. ) at input 36 and converts it into a d.g.ta. representation. VenlSmg means 2 mav inc.udc anv and all 
.echnolog,- necessar.- to perfonn the actual biometnc scanning, analvsis. or mav receive the spontaneous profile 
.nlormation from an separate identification device. Next, venty-.ng means 2 , fetches the authorized 
.dcnufication profi,e(s, assigned to the account from built in storage medium 25 (or from a central database; and 
compares it , them) to the spontaneously created profile derived from the biometnc analvsis for match or 
discrepancv range Upon match or sulTicientlv close discrepancy range, a "PosUive ID" s.gnal .s output at output 
30. Upon mismatch or unacceptable discrepancy range, a "Negative ID" signal ,s output at output 30 

Cooe generator 23 operates similarly to code generator 5 from FIGURE 1 ,„ that it creates an access 
code based on the potential u.ser's spontaneously created identification value for use w.th a specific account 
Programmable memo, unit 26 provides the code generator 23 w.th code generating algorithms which ,t utilizes 
:o calculate tne account specific access codes. As described above, programmable memo, ch.p mav be updated 
ov computer or bv a financial transaction machine (e.g. ATM machine) as outlined above " 

■ l^'^''^ -^-'^-s an enenpting, means 24. wh.ch may be ut.I.ed to .securelv encrypt 

cither or both the spontaneouslv calculated identification value, and the access codes venerated bv code ' 
generator 23. Secure encnption by enenpting means 24 ensures that identification values and access codes mav 
not be intercepted upon tran.smis.sion between the sman card and the transaction machine .Secure enc.ption of 
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the sponianeously calculated identification value by encr>'pting means 24 may occur before or after comparison 
of the spontaneously calculated identification value and the stored account identification value 

Built in storage medium 25 naay be of the same t\'pe as that shown as storage medium 6 from FIGURE 
1 . In the preferred embodiment, storage medium 25 in FIGURE: 2 is divided into specific areas for storuig . 
5 specific data. One area of storage medium 25 may store account information, including account or credit 

balances, recent withdrawals and/or deposits or payments, and other such account related inibrmation. Storage 
medium 25 may be further divided in to areas which store identification profile information which may be read 
by verifying means 21 for use in determining authorization. Also, storage medium 25 may set aside storage 
space for storing other externally received, non-account specific electronic data. 
1 0 For example, storage medium 25 may include an area for storing, audio data The mvenlion as 

disclosed in FIGURH 2 includes a built in digital voice memo recorder for creating, sioring and playing back 
digital audio memo tiles. 

User speaks into microphone 31, which con\'ens the sound into electronic signals that may be digiialK' 
recorded by recording unit 32 onto built in storage medium 25. Sound memo files, recorded lo the storage 
1 5 medium 25 may be replayed by the smart card (or other portable device ) as well. Rctrie\ ai means 34 retrieves 

stored digital audio data from storage medium 25 and convens the sound to analog signals that are transmitted to 
acoustic speaker 33. which allows the user to hear the sound files stored to storage medium 25. Remote control 
unit 35, input 36, and output 37 act in precisely the manner as their counterpans in FIGURE 1 (remote control 
unit 13, input 14, and output 15). 

20 The t\'picai application of remote control unit 35 m ATM transactions may greatly increase the safety 

ot the user from potential muggings and robberies. Using the invention, the user can transmit access information 
as well as interactive infonnation from output 37. Once access has been granted, the user can use input 36 
(which may be a button or series of buttons) to select from among a plurality of hinctions on the ATM screen 
menu, and conduct other such business from a locked car. while exposing herself onh' to the extent necessary- (if 

25 at all) to quickly retrieve cash, make a deposit, or collect a receipt. Remote control unit 35, therefore, allows for 

better user protection in that a drive-up ATM user would not ha\e to expose himself or herself to the threat of 
lurking bandits for long periods of time in order to conduct a financial transaction. 

FIGURE 3 depicts the surface of the enclosure of the disclosed invention trom FIGUIU!^ 2 m a t>'pical 
application as a bank ATM card, credit card or debit card. In a preferred embodiment of the invention enclosure 

30 40 appears to be similar to a normal credit card or ATM card in both size and dimension. However, the card 

may be larger (longer, wider, deeper, or a combination of the three) than a t\'picai credit card to accommodate 
the component pans. Rather dian (or in addition to) the magnetic strip commonly placed on the back of ATM 
cards, debit and credit cards, and other smart cards, the enclosure 40 has one or more output and/or input/output 
pons 41-44 on its edges. The pons 4 1-44 in FIGUIU^- 3 allow the enclosed invention to interact with a 

35 computer or other machine (e.g. .ATM, computerized gas pump, etc. ) to determine whether access shall be 

granted: or to download and/or update account inibrmation. code generating algoriirjns or other data. 
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Input 45 corresponds to the identilkation input 36 from FIGURE 2, In FIGURE 3, input 45 is a 
fingerprmt scanning pad. The potential user places her thumb (or anv of her fingers) onto the f.ngerprmt pad 
input 45. The veriiS.ng means housed, within the card scans the fingerprint data at input 45. analyzes the print, 
and creates a digital representation of the print which may then be compared to the fingerprint profile of any 
authonaed cardholder stored on the card, ,n an on-line database, or with on-site access equipment. " ' ' 

Input 45 is not limited to the reception of fingerprint data. Input 45 may be capable of receivmc anv 
type of Identification data known in the an, mcludmg, but not limited to biometnc identification data (c.a voice 
identitlcation. iris scan, palm scan, DNA. etc ), or any electronic identification data (e.g. electronic certificate 
data, digital signatures, or other secure digital identification data). 

Button 46 IS utilized with the remote control Rmction to allo^v the user to access an account, and to 
-select available functions to manage the account. It is not ncccssan- that button 46 be a single button, instead 
the invention mav- utilize a .series of button like button 46 to pcrfonn .Unctions such as seiecn. functions 
.scrolling a cursor, or other such tunction as mav be necessar.^ to the operation of the ATM or other such 



machine. 
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WHAT IS CLAIMED IS: 

1 . A portable ideniificalion system comprising 

an on board verilS ing means for determining user authorization or non-authorization, wherem 
5 said verin ing means generates a unique identification profile for each potential uscn and then determines 

whether the generated identification profile is authorized or not authorized; 

a re-writeable storage medium for storing electronic data: and 
one or more data input/output ports, 

2. The system of claim 1 further comprising a code generator employing at least one code 
ccneraiing algorithm for converting an authorized identification value into one or more access codes: 

3. The system of claim 2 further com.prising an encn-pting means for encrxpting said unique 
identification profile and said one or more access codes. 

4. rhe system oi" claim 2, wherein tiie code generating algorithm employed by the code generator 
is replaced by a different algorithm after k is used by the svstem. 

5. The system of claim 2, wherein at least one of the one or more access codes generated bv the 
code generator is an alphanumeric code. 

6. The s\'stem of claim 2, wherein at least one of the one or more access codes generated bv the 
code generator is a telephone or modem numeric tone code. 

7. The system of claim 2, wherein at least one of the one or more access codes generated bv the 
code generator is a an identification specific digital signature profile. 

8. The system of claim 7, wherein the digital signature profile may be used to encode data for 
secure transmission. 

9. The s> stem of claim 1 , wherein the re-writeablc storage medium for storing electronic data is 
removable. 

1 0. Fhe s\*stem of claim 1 further comprising a mem.or\' chip for storing access code generating 
algorithms. 
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1 I The svstem of claim 10. wherein memon- chip lor storing access code generating al.onihms 

IS programmabie. 

12. The system of claim 1 0, wherem memor>- chip for storing access code generating aleor.thnis 

is interchangeable. ~ " - ■ - 

13 The s>-stem of claim 1, wherein the re-writeable storage medium contains the at least one code 

gencratmg algorithm employed by the code generator. 



14 The system of claim 1 , u herem the verifying means comprises an apparatus for analvzine 
biomeinc prolllc of a potential tiser to determine user authorisation or non-authonzation. 



a 



1 > 1 he svstem of clam, 1 4. wherein the biometnc profile information is dcnved from v, 

icicntirication anaivsKS. 



analvsLs 



analysis. 



analysis. 



16. The system of claim 14. uherem the biometnc profile mformation is denved from fingerpnnt 
1 7. The svstem of claim 1 4. wherem the biometric profile information is den^•ed from retina scan 
1 8 The svstem of claim 1 4, wherein the biometnc profile mformaiion is denved from DNA 



19 

analvsis. 



The system of claim 1 4. wherein the biometnc profile infomiafon is den^■ed from palm scan 



0 The system of claim 1 ftinher compnsmg a remote control unit for transmitting infonna.ion to 
a secure oojective from a remote location. 



21. The svstem of claim i ft'nher comprismg a built m digital voice memo recorder for recordm. 
and stonng sound recordmgs to the built m re-wnteable .storage medium for later playback or transmission. ^ 

22. The system of claim 2 1 , wherein the digital voice memo recorder includes a microohone for 
receiving sounds and digitizing them, and a recording means for recording the d.g.uzed sounds onto the built m 

rc-wnteabie storage medium. 
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23. The system of claim I further comprising a playback unit for playing back sound recordings 
stored to the built in re-writeable storage medium. 

24. The s\'stern of claim 23.. wherein the playback unit includes a retrieval means for retrieving 
digitized sounds from the built in re-\vriteab!e storage medium and convening them to analog signals, and an 
acoustic speaker for ouiputting the analog signals as reproduced sounds. 

25. The system of claim 1 , wherein said system grants access only for a specified period ot time. 

26. The system of claim 1 , wherein said .system grants access only a specified number of times. 

27. /\n identification card comprising 

a \ enfying means for deicrmininG user authorization or non-authorization, wherein said 
v erifying means generates an identification value tor each potential user and then dctennines whether the 
identification value is authorized or not; 
5 a code generator for converting an authorized identiiication \'alue into one or more access 

codes; 

a re-writeable storage medium for storing electronic data: and 
one or more data input/output ports. 

28. 'fhe identification card of claim 27 further comprising a memor\' chip for storing personal 
identification number code generating algorithms. 

29. The identification card of claim 27. wherein at Ica.st one of the one or more access codes is an 
automatic teller machine personal identification number code, ^ 

30. The identification card of claim 27. wherein at least one of the one or more access codes mav 
be transmitted to the secure objective from a remote location to provide access to financial information. 

3 1 . The identification card of claim 30. wherein the transmitted access code is a numeric 
telephone tone code transmitted over telephone wires. 

32. The identification card of claim 30, wherein the transmitted access code is transmitted bv 
infrared sienai. 
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33. The identification card of claim 30, wherein the transmitted access code is transmitted by 
computer network interface. 



34. The Identification card of claim 27 ftmher comprising a bti.lt m caiculator for automatically 
updating financial and account information and storing it on the re-u riteabic storage medium. 
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